Firewall Wizards mailing list archives

RE: Blocking MSN (and any other service for that matter)


From: Chuck Vose <vosechu () roman-fleuve com>
Date: Fri, 23 Apr 2004 18:56:14 -0700

On Fri, 2004-04-23 at 05:53, MHawkins () TULLIB COM wrote:
> So what if someone has a changeable MAC NIC?

> Step 1: Break through physical access and get yourself an Ethernet port to
> connect to.

Let's imagine something a little less far-fetched. Wireless access point
with spoofable MAC, hooked onto the back of your computer so that you
can use remote desktop because the admins refuse to let you do it
through the firewall.

> Step 2: Attempt to connect. Ethernet port shuts down almost as soon as you
> connect.

Sure, why not. Any brands come to mind that shut off a port when the link
is broken? I'm intrigued.

> Step 3: Since you are very technically competent you recognize the
> possibility that MAC level security is in place.

Ok, but I said "could cause lots of problems", not "will obviously
invalidate this method". MAC level security could make this situation
very possible, but is it more work than some of the alternatives?

> Step 4: You conclude it will be far easier to steal time at a host that is
> already within the network rather than attempt to guess a valid MAC address.

When 70% of attacks are from insiders, why would I (being a disgruntled
employee) need to guess at all? Let's just run ipconfig and figure it
out.

You seem to be on the defensive about this; have I said something to
make you think I'm attacking the idea of MAC-based VLANing?
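The thread above talks past each other about what MAC-level port security actually does and does not catch. The following is an added example written for this archive page, not code from either poster: it models the "port shuts down as soon as you connect" behaviour as a sticky one-MAC-per-port policy, and separately walks constructed snapshots of a switch's MAC address table to flag two things a defender can look for: a port whose learned MAC changes, and addresses with the locally administered bit set, which is what most software MAC changers produce. Port names, MAC values and the `err-disabled` state label are constructed for the example; the snapshot format is an assumption, not any vendor's output.

```python
# Added example for the MAC-based port security discussion; not from the thread.
# All ports, MACs and snapshots below are constructed sample data.

def parse_mac(mac: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' (or dash-separated) into 6 raw bytes."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC address: {mac}")
    return bytes(int(p, 16) for p in parts)


def is_locally_administered(mac: str) -> bool:
    """Bit 0x02 of the first octet marks a locally administered (U/L) address.
    Vendor-burned addresses have it clear; software-set MACs usually set it."""
    return bool(parse_mac(mac)[0] & 0x02)


def check_snapshots(snapshots):
    """Detection pass over successive {port: mac} tables taken over time.
    Returns (kind, port, detail) findings:
      'locally_administered' - a MAC with the U/L bit set appeared on a port
      'mac_changed'          - a port's learned MAC differs from the previous snapshot
    Each locally administered (port, mac) pair is reported once."""
    findings = []
    last_seen = {}
    reported_la = set()
    for index, table in enumerate(snapshots):
        for port, mac in table.items():
            mac = mac.lower()
            if is_locally_administered(mac) and (port, mac) not in reported_la:
                reported_la.add((port, mac))
                findings.append(("locally_administered", port, mac))
            prev = last_seen.get(port)
            if prev is not None and prev != mac:
                findings.append(("mac_changed", port,
                                 f"{prev} -> {mac} at snapshot {index}"))
            last_seen[port] = mac
    return findings


def simulate_sticky_port_security(snapshots):
    """Enforcement model (assumed, simplified): the first MAC seen on a port is
    learned as the only allowed address; a different MAC later is a violation
    and the port is put into an 'err-disabled' state, where it stays until an
    administrator re-enables it. Returns {port: state}."""
    learned = {}
    state = {}
    for table in snapshots:
        for port, mac in table.items():
            mac = mac.lower()
            if state.get(port) == "err-disabled":
                continue  # port is down; nothing else is learned on it
            if port not in learned:
                learned[port] = mac
                state[port] = "secure-up"
            elif learned[port] != mac:
                state[port] = "err-disabled"
    return state


# Constructed MAC-table snapshots: port Gi1/0/2 starts with a burned-in address,
# then a different, locally administered MAC shows up on the same port.
SNAPSHOTS = [
    {"Gi1/0/1": "00:1a:2b:3c:4d:5e", "Gi1/0/2": "00:1a:2b:3c:4d:5f"},
    {"Gi1/0/1": "00:1a:2b:3c:4d:5e", "Gi1/0/2": "02:11:22:33:44:55"},
    {"Gi1/0/1": "00:1a:2b:3c:4d:5e", "Gi1/0/2": "02:11:22:33:44:55"},
]

if __name__ == "__main__":
    for finding in check_snapshots(SNAPSHOTS):
        print(finding)
    print(simulate_sticky_port_security(SNAPSHOTS))
```

The model makes Chuck's point concrete: sticky port security only fires when the MAC on the port differs from the one it learned, so a device that clones the already-learned address of the legitimate host passes the check. That is why the detection pass also looks at the locally administered bit and at MAC changes over time rather than relying on the switch to shut the port on its own.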

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
